| … | |
… | |
| 14 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
14 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 15 | GNU General Public License for more details. |
15 | GNU General Public License for more details. |
| 16 | |
16 | |
| 17 | You should have received a copy of the GNU General Public License |
17 | You should have received a copy of the GNU General Public License |
| 18 | along with gvpe; if not, write to the Free Software |
18 | along with gvpe; if not, write to the Free Software |
| 19 | Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
19 | Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA |
| 20 | */ |
20 | */ |
| 21 | |
21 | |
| 22 | #include "config.h" |
22 | #include "config.h" |
| 23 | |
23 | |
| 24 | #include <list> |
24 | #include <list> |
| … | |
… | |
| 108 | |
108 | |
| 109 | if (ipv4_fd < 0) |
109 | if (ipv4_fd < 0) |
| 110 | return -1; |
110 | return -1; |
| 111 | |
111 | |
| 112 | fcntl (ipv4_fd, F_SETFL, O_NONBLOCK); |
112 | fcntl (ipv4_fd, F_SETFL, O_NONBLOCK); |
|
|
113 | fcntl (ipv4_fd, F_SETFD, FD_CLOEXEC); |
| 113 | |
114 | |
| 114 | #if defined(SOL_IP) && defined(IP_MTU_DISCOVER) |
115 | #if defined(SOL_IP) && defined(IP_MTU_DISCOVER) |
| 115 | // this I really consider a linux bug. I am neither connected |
116 | // this I really consider a linux bug. I am neither connected |
| 116 | // nor do I fragment myself. Linux still sets DF and doesn't |
117 | // nor do I fragment myself. Linux still sets DF and doesn't |
| 117 | // fragment for me sometimes. |
118 | // fragment for me sometimes. |
| … | |
… | |
| 127 | { |
128 | { |
| 128 | slog (L_ERR, _("can't bind ipv4 socket on %s: %s"), (const char *)si, strerror (errno)); |
129 | slog (L_ERR, _("can't bind ipv4 socket on %s: %s"), (const char *)si, strerror (errno)); |
| 129 | exit (EXIT_FAILURE); |
130 | exit (EXIT_FAILURE); |
| 130 | } |
131 | } |
| 131 | |
132 | |
| 132 | ipv4_ev_watcher.start (ipv4_fd, EVENT_READ); |
133 | ipv4_ev_watcher.start (ipv4_fd, EV_READ); |
| 133 | } |
134 | } |
| 134 | |
135 | |
| 135 | udpv4_fd = -1; |
136 | udpv4_fd = -1; |
| 136 | |
137 | |
| 137 | if (THISNODE->protocols & PROT_UDPv4 && THISNODE->udp_port) |
138 | if (THISNODE->protocols & PROT_UDPv4 && THISNODE->udp_port) |
| … | |
… | |
| 140 | |
141 | |
| 141 | if (udpv4_fd < 0) |
142 | if (udpv4_fd < 0) |
| 142 | return -1; |
143 | return -1; |
| 143 | |
144 | |
| 144 | fcntl (udpv4_fd, F_SETFL, O_NONBLOCK); |
145 | fcntl (udpv4_fd, F_SETFL, O_NONBLOCK); |
|
|
146 | fcntl (udpv4_fd, F_SETFD, FD_CLOEXEC); |
| 145 | |
147 | |
| 146 | // standard daemon practise... |
148 | // standard daemon practise... |
| 147 | { |
149 | { |
| 148 | int oval = 1; |
150 | int oval = 1; |
| 149 | setsockopt (udpv4_fd, SOL_SOCKET, SO_REUSEADDR, &oval, sizeof oval); |
151 | setsockopt (udpv4_fd, SOL_SOCKET, SO_REUSEADDR, &oval, sizeof oval); |
| … | |
… | |
| 165 | { |
167 | { |
| 166 | slog (L_ERR, _("can't bind udpv4 on %s: %s"), (const char *)si, strerror (errno)); |
168 | slog (L_ERR, _("can't bind udpv4 on %s: %s"), (const char *)si, strerror (errno)); |
| 167 | exit (EXIT_FAILURE); |
169 | exit (EXIT_FAILURE); |
| 168 | } |
170 | } |
| 169 | |
171 | |
| 170 | udpv4_ev_watcher.start (udpv4_fd, EVENT_READ); |
172 | udpv4_ev_watcher.start (udpv4_fd, EV_READ); |
| 171 | } |
173 | } |
| 172 | |
174 | |
| 173 | icmpv4_fd = -1; |
175 | icmpv4_fd = -1; |
| 174 | |
176 | |
| 175 | #if ENABLE_ICMP |
177 | #if ENABLE_ICMP |
| … | |
… | |
| 179 | |
181 | |
| 180 | if (icmpv4_fd < 0) |
182 | if (icmpv4_fd < 0) |
| 181 | return -1; |
183 | return -1; |
| 182 | |
184 | |
| 183 | fcntl (icmpv4_fd, F_SETFL, O_NONBLOCK); |
185 | fcntl (icmpv4_fd, F_SETFL, O_NONBLOCK); |
|
|
186 | fcntl (icmpv4_fd, F_SETFD, FD_CLOEXEC); |
| 184 | |
187 | |
| 185 | #ifdef ICMP_FILTER |
188 | #ifdef ICMP_FILTER |
| 186 | { |
189 | { |
| 187 | icmp_filter oval; |
190 | icmp_filter oval; |
| 188 | oval.data = 0xffffffff; |
191 | oval.data = 0xffffffff; |
| … | |
… | |
| 197 | // this I really consider a linux bug. I am neither connected |
200 | // this I really consider a linux bug. I am neither connected |
| 198 | // nor do I fragment myself. Linux still sets DF and doesn't |
201 | // nor do I fragment myself. Linux still sets DF and doesn't |
| 199 | // fragment for me sometimes. |
202 | // fragment for me sometimes. |
| 200 | { |
203 | { |
| 201 | int oval = IP_PMTUDISC_DONT; |
204 | int oval = IP_PMTUDISC_DONT; |
| 202 | setsockopt (udpv4_fd, SOL_IP, IP_MTU_DISCOVER, &oval, sizeof oval); |
205 | setsockopt (icmpv4_fd, SOL_IP, IP_MTU_DISCOVER, &oval, sizeof oval); |
| 203 | } |
206 | } |
| 204 | #endif |
207 | #endif |
| 205 | |
208 | |
| 206 | sockinfo si (THISNODE, PROT_ICMPv4); |
209 | sockinfo si (THISNODE, PROT_ICMPv4); |
| 207 | |
210 | |
| … | |
… | |
| 209 | { |
212 | { |
| 210 | slog (L_ERR, _("can't bind icmpv4 on %s: %s"), (const char *)si, strerror (errno)); |
213 | slog (L_ERR, _("can't bind icmpv4 on %s: %s"), (const char *)si, strerror (errno)); |
| 211 | exit (EXIT_FAILURE); |
214 | exit (EXIT_FAILURE); |
| 212 | } |
215 | } |
| 213 | |
216 | |
| 214 | icmpv4_ev_watcher.start (icmpv4_fd, EVENT_READ); |
217 | icmpv4_ev_watcher.start (icmpv4_fd, EV_READ); |
| 215 | } |
218 | } |
| 216 | #endif |
219 | #endif |
| 217 | |
220 | |
| 218 | tcpv4_fd = -1; |
221 | tcpv4_fd = -1; |
| 219 | |
222 | |
| … | |
… | |
| 224 | |
227 | |
| 225 | if (tcpv4_fd < 0) |
228 | if (tcpv4_fd < 0) |
| 226 | return -1; |
229 | return -1; |
| 227 | |
230 | |
| 228 | fcntl (tcpv4_fd, F_SETFL, O_NONBLOCK); |
231 | fcntl (tcpv4_fd, F_SETFL, O_NONBLOCK); |
|
|
232 | fcntl (tcpv4_fd, F_SETFD, FD_CLOEXEC); |
| 229 | |
233 | |
| 230 | // standard daemon practise... |
234 | // standard daemon practise... |
| 231 | { |
235 | { |
| 232 | int oval = 1; |
236 | int oval = 1; |
| 233 | setsockopt (tcpv4_fd, SOL_SOCKET, SO_REUSEADDR, &oval, sizeof oval); |
237 | setsockopt (tcpv4_fd, SOL_SOCKET, SO_REUSEADDR, &oval, sizeof oval); |
| … | |
… | |
| 245 | { |
249 | { |
| 246 | slog (L_ERR, _("can't listen tcpv4 on %s: %s"), (const char *)si, strerror (errno)); |
250 | slog (L_ERR, _("can't listen tcpv4 on %s: %s"), (const char *)si, strerror (errno)); |
| 247 | exit (EXIT_FAILURE); |
251 | exit (EXIT_FAILURE); |
| 248 | } |
252 | } |
| 249 | |
253 | |
| 250 | tcpv4_ev_watcher.start (tcpv4_fd, EVENT_READ); |
254 | tcpv4_ev_watcher.start (tcpv4_fd, EV_READ); |
| 251 | } |
255 | } |
| 252 | #endif |
256 | #endif |
| 253 | |
257 | |
| 254 | #if ENABLE_DNS |
258 | #if ENABLE_DNS |
| 255 | if (THISNODE->protocols & PROT_DNSv4) |
259 | if (THISNODE->protocols & PROT_DNSv4) |
| … | |
… | |
| 259 | dnsv4_fd = socket (PF_INET, SOCK_DGRAM, IPPROTO_UDP); |
263 | dnsv4_fd = socket (PF_INET, SOCK_DGRAM, IPPROTO_UDP); |
| 260 | |
264 | |
| 261 | if (dnsv4_fd < 0) |
265 | if (dnsv4_fd < 0) |
| 262 | return -1; |
266 | return -1; |
| 263 | |
267 | |
|
|
268 | fcntl (dnsv4_fd, F_SETFL, O_NONBLOCK); |
|
|
269 | fcntl (dnsv4_fd, F_SETFD, FD_CLOEXEC); |
|
|
270 | |
| 264 | #if defined(SOL_IP) && defined(IP_MTU_DISCOVER) |
271 | # if defined(SOL_IP) && defined(IP_MTU_DISCOVER) |
| 265 | // this I really consider a linux bug. I am neither connected |
272 | // this I really consider a linux bug. I am neither connected |
| 266 | // nor do I fragment myself. Linux still sets DF and doesn't |
273 | // nor do I fragment myself. Linux still sets DF and doesn't |
| 267 | // fragment for me sometimes. |
274 | // fragment for me sometimes. |
| 268 | { |
275 | { |
| 269 | int oval = IP_PMTUDISC_DONT; |
276 | int oval = IP_PMTUDISC_DONT; |
| 270 | setsockopt (udpv4_fd, SOL_IP, IP_MTU_DISCOVER, &oval, sizeof oval); |
277 | setsockopt (dnsv4_fd, SOL_IP, IP_MTU_DISCOVER, &oval, sizeof oval); |
| 271 | } |
278 | } |
| 272 | #endif |
279 | # endif |
| 273 | |
280 | |
| 274 | // standard daemon practise... |
281 | // standard daemon practise... |
| 275 | { |
282 | { |
| 276 | int oval = 1; |
283 | int oval = 1; |
| 277 | setsockopt (dnsv4_fd, SOL_SOCKET, SO_REUSEADDR, &oval, sizeof oval); |
284 | setsockopt (dnsv4_fd, SOL_SOCKET, SO_REUSEADDR, &oval, sizeof oval); |
| … | |
… | |
| 285 | { |
292 | { |
| 286 | slog (L_ERR, _("can't bind dnsv4 on %s: %s"), (const char *)si, strerror (errno)); |
293 | slog (L_ERR, _("can't bind dnsv4 on %s: %s"), (const char *)si, strerror (errno)); |
| 287 | exit (EXIT_FAILURE); |
294 | exit (EXIT_FAILURE); |
| 288 | } |
295 | } |
| 289 | |
296 | |
| 290 | dnsv4_ev_watcher.start (dnsv4_fd, EVENT_READ); |
297 | dnsv4_ev_watcher.start (dnsv4_fd, EV_READ); |
| 291 | } |
298 | } |
| 292 | #endif |
299 | #endif |
| 293 | |
300 | |
| 294 | ///////////////////////////////////////////////////////////////////////////// |
301 | ///////////////////////////////////////////////////////////////////////////// |
| 295 | |
302 | |
| … | |
… | |
| 302 | { |
309 | { |
| 303 | slog (L_ERR, _("cannot create network interface '%s'"), conf.ifname); |
310 | slog (L_ERR, _("cannot create network interface '%s'"), conf.ifname); |
| 304 | exit (EXIT_FAILURE); |
311 | exit (EXIT_FAILURE); |
| 305 | } |
312 | } |
| 306 | |
313 | |
|
|
314 | fcntl (tap->fd, F_SETFD, FD_CLOEXEC); |
|
|
315 | |
| 307 | if (tap->if_up () && |
316 | if (tap->if_up () && |
| 308 | !run_script (run_script_cb (this, &vpn::script_if_init), true)) |
317 | !run_script (run_script_cb (this, &vpn::script_if_init), true)) |
| 309 | { |
318 | { |
| 310 | slog (L_ERR, _("interface initialization command '%s' failed, exiting."), |
319 | slog (L_ERR, _("interface initialization command '%s' failed, exiting."), |
| 311 | tap->if_up ()); |
320 | tap->if_up ()); |
| … | |
… | |
| 316 | { |
325 | { |
| 317 | slog (L_ERR, _("if-up command execution failed, exiting.")); |
326 | slog (L_ERR, _("if-up command execution failed, exiting.")); |
| 318 | exit (EXIT_FAILURE); |
327 | exit (EXIT_FAILURE); |
| 319 | } |
328 | } |
| 320 | |
329 | |
| 321 | tap_ev_watcher.start (tap->fd, EVENT_READ); |
330 | tap_ev_watcher.start (tap->fd, EV_READ); |
| 322 | |
331 | |
| 323 | return 0; |
332 | return 0; |
| 324 | } |
333 | } |
| 325 | |
334 | |
| 326 | bool |
335 | bool |
| … | |
… | |
| 477 | |
486 | |
| 478 | return false; |
487 | return false; |
| 479 | } |
488 | } |
| 480 | |
489 | |
| 481 | void |
490 | void |
| 482 | vpn::ipv4_ev (io_watcher &w, short revents) |
491 | vpn::ipv4_ev (ev::io &w, int revents) |
| 483 | { |
492 | { |
| 484 | if (revents & EVENT_READ) |
493 | if (revents & EV_READ) |
| 485 | { |
494 | { |
| 486 | vpn_packet *pkt = new vpn_packet; |
495 | vpn_packet *pkt = new vpn_packet; |
| 487 | struct sockaddr_in sa; |
496 | struct sockaddr_in sa; |
| 488 | socklen_t sa_len = sizeof (sa); |
497 | socklen_t sa_len = sizeof (sa); |
| 489 | int len; |
498 | int len; |
| … | |
… | |
| 518 | } |
527 | } |
| 519 | } |
528 | } |
| 520 | |
529 | |
| 521 | #if ENABLE_ICMP |
530 | #if ENABLE_ICMP |
| 522 | void |
531 | void |
| 523 | vpn::icmpv4_ev (io_watcher &w, short revents) |
532 | vpn::icmpv4_ev (ev::io &w, int revents) |
| 524 | { |
533 | { |
| 525 | if (revents & EVENT_READ) |
534 | if (revents & EV_READ) |
| 526 | { |
535 | { |
| 527 | vpn_packet *pkt = new vpn_packet; |
536 | vpn_packet *pkt = new vpn_packet; |
| 528 | struct sockaddr_in sa; |
537 | struct sockaddr_in sa; |
| 529 | socklen_t sa_len = sizeof (sa); |
538 | socklen_t sa_len = sizeof (sa); |
| 530 | int len; |
539 | int len; |
| … | |
… | |
| 566 | } |
575 | } |
| 567 | } |
576 | } |
| 568 | #endif |
577 | #endif |
| 569 | |
578 | |
| 570 | void |
579 | void |
| 571 | vpn::udpv4_ev (io_watcher &w, short revents) |
580 | vpn::udpv4_ev (ev::io &w, int revents) |
| 572 | { |
581 | { |
| 573 | if (revents & EVENT_READ) |
582 | if (revents & EV_READ) |
| 574 | { |
583 | { |
| 575 | vpn_packet *pkt = new vpn_packet; |
584 | vpn_packet *pkt = new vpn_packet; |
| 576 | struct sockaddr_in sa; |
585 | struct sockaddr_in sa; |
| 577 | socklen_t sa_len = sizeof (sa); |
586 | socklen_t sa_len = sizeof (sa); |
| 578 | int len; |
587 | int len; |
| … | |
… | |
| 603 | exit (EXIT_FAILURE); |
612 | exit (EXIT_FAILURE); |
| 604 | } |
613 | } |
| 605 | } |
614 | } |
| 606 | |
615 | |
| 607 | void |
616 | void |
| 608 | vpn::tap_ev (io_watcher &w, short revents) |
617 | vpn::tap_ev (ev::io &w, int revents) |
| 609 | { |
618 | { |
| 610 | if (revents & EVENT_READ) |
619 | if (revents & EV_READ) |
| 611 | { |
620 | { |
| 612 | /* process data */ |
621 | /* process data */ |
| 613 | tap_packet *pkt; |
622 | tap_packet *pkt; |
| 614 | |
623 | |
| 615 | pkt = tap->recv (); |
624 | pkt = tap->recv (); |
| … | |
… | |
| 645 | else |
654 | else |
| 646 | abort (); |
655 | abort (); |
| 647 | } |
656 | } |
| 648 | |
657 | |
| 649 | void |
658 | void |
| 650 | vpn::event_cb (time_watcher &w) |
659 | vpn::event_cb (ev::timer &w, int) |
| 651 | { |
660 | { |
| 652 | if (events) |
661 | if (events) |
| 653 | { |
662 | { |
| 654 | if (events & EVENT_SHUTDOWN) |
663 | if (events & EVENT_SHUTDOWN) |
| 655 | { |
664 | { |
| … | |
… | |
| 746 | } |
755 | } |
| 747 | |
756 | |
| 748 | void |
757 | void |
| 749 | vpn::dump_status () |
758 | vpn::dump_status () |
| 750 | { |
759 | { |
| 751 | slog (L_NOTICE, _("BEGIN status dump (%ld)"), (long)NOW); |
760 | slog (L_NOTICE, _("BEGIN status dump (%ld)"), (long)ev::ev_now ()); |
| 752 | |
761 | |
| 753 | for (conns_vector::iterator c = conns.begin (); c != conns.end (); ++c) |
762 | for (conns_vector::iterator c = conns.begin (); c != conns.end (); ++c) |
| 754 | (*c)->dump_status (); |
763 | (*c)->dump_status (); |
| 755 | |
764 | |
| 756 | slog (L_NOTICE, _("END status dump")); |
765 | slog (L_NOTICE, _("END status dump")); |
